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Certificates are 
Everywhere diem O 


Google Cloud Platform 
T Microsoft 


Azure 


Services in Public 
Clouds 


Public-Facing [e] 
Services 


API endpoints 


Machine-to-machine 
communication 


Internal Services 
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SSSL Pulse 


The Good 
* No SHA1 or 1024 bit keys 


The Bad (~35% inadequate) 

* Expired certificates: -5,200 

* Expiring in the next 2 weeks: -4,500 
* Weak/Insecure cipher suites: -4,200 
* SSLv2/SSLv3: -15,000 

TLSv1.0: ~99,000 (72%) 

RC4 enabled: ~22,000 (16%) 
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You are here: Home > Projects > SSL Pulse 


SSL Pulse 


SSL Pulse is a continuous and global dashboard for monitoring the quality of SSL / TLS support over time across 150,000 SSL- and TLS-enabled 
websites, based on Alexa's list of the most popular sites in the world. 


Monthly Scan: November 02, 2018 


SSL Security Summary SSL Labs Grade Distribution 
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+1.2% 50% 


November 2018 


Inadequate security 40% 
% 8.4 % of sites surveyed 
3% 49,078 
secure sites -0.6% have a grade of F 


11,492 sites - 0.3 % 
October 2016 
8.7 % (11,766 sites) 


Secure sites j 
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Current State of Most Organizations 


Limited 
Visibility 
9596 of organizations 
don't know where 


certs are in their 
networks 


Limited ownership 
information 


The unknown is 
difficult to manage 


Expirations 
Missed 


Unplanned outages 


Many more "near 
misses" 


Compliance 


Certificates from 
unapproved CAs 


Responding to 
audits are manually 
intensive exercises 


Reliance on 
Manual 
Processes 


Spreadsheets are 
error prone and out- 
of-date 


Expensive, not 
scalable as certificates 
increase 


Troubleshooting 
issues is challenging 
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Challenges of Existing Solutions 


Visibility 


Point tools, increasing effort and ownership costs 


Scalability 


B K f Operational silos 
Se @ OQ T Work in on-premises or cloud-only mode 


Require multiple or complex deployments to cover 
large environments 


Maturity 


Most solutions are off-the-shelf vulnerability-only or 
certificate-only “tools” 
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Introducing 
Oualys CertView 


Discover, inventory, monitor certificates 


Discover, inventory, monitor host 
configurations & vulnerabilities 


Coverage across both on-premises and 
cloud environments 


Renew certificates from the same platform 


Default Dashboard v 
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TOTAL CERTIFICATES CERTIFICATES BY ISSUING AUTHORITIES 
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CERTIFICATES BY EXPIRATION TOP 5 CERTIFICATES BY COMMON NAME 


INSTANCES — — UNIGUEASSETS 


CERTIFICATES BY HASHING ALGORITHM CERTIFICATES BY KEY LENGTH 


aha WithRSAEnc-yption 


Key Advantages of 
Oualys CertView 


Certificate View v 
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CERTIFICATES BY EXPIRATION GRADES VULNERABILITIES BY SEVERITY 


pied 


CERTIFICATES BY ALGORITHM TOP 5 CERTIFICATES BY COMMON NAME 


CERTIFICATE INSTANCES BY PORT 


CertView Releases and Roadmap 


an 2019 amel 
J ez March 2019 Assign ownership 
Scan Consolidation Report enhancements Enroll/Renew (Comodo/Let'sEncrypt) 


Certificate Validation 


d AR i 


Feb 2019 June 2019* Q4 2019* 
CA Imports Mies Cloud Agent support 
irri GE RBAC Enroll/Renew 
pprova! worktiow (Entrust/Godaddy/EJBCA) 


Deploy on Apache/IIS 
ServiceNow CMDB integration 
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DEMO 


Certificate View 
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